General

  • Target

    d0eabfe28f6b77c25d883ad3e380620f1367082cc58f309e4d24dd1d2c3548c8

  • Size

    534KB

  • Sample

    220131-fga32sfbdr

  • MD5

    a506ca65b78a0c3475f855f463c0ce06

  • SHA1

    a28f9be767b628af5954de4c0218d7c75e1bfe16

  • SHA256

    d0eabfe28f6b77c25d883ad3e380620f1367082cc58f309e4d24dd1d2c3548c8

  • SHA512

    b2e6f535adaf821552f73fd6391dfb419359b8d9379ba1cf8a2a832b120bd570c8402f50906d3399a9a04205157b2780cc0e180470e4b53d2f9a04d9c7ae6058

Malware Config

Extracted

  • Family

    formbook

  • Version

    4.1

  • Campaign

    cw22

  • Decoy

    betvoy206.com
    nftstoners.com
    tirupatibuilder.com
    gulldesigns.com
    shemhq.com
    boricosmetic.com
    bitcoinbillionaireboy.com
    theflypaperplanes.com
    retrocartours.com
    yangzhie326.com
    cheepchain.com
    sentryr.com
    luckirentalhomes.com
    pointssquashers.com
    dianasarabiantreasures.com
    calendarsilo.com
    sublike21.xyz
    gajubg0up.xyz
    lousfoodreviews.com
    fades.site
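Formbook's configuration mixes the real command-and-control host into a list of decoy domains, and the bot beacons to the real server and to decoys alike, so the whole extracted list above is worth hunting for in DNS and proxy logs. The script below is an added example, not part of this sandbox report or of the Formbook family itself. It embeds the decoy list from the report, matches hosts (including subdomains, mixed case, trailing dots and ports) against it, and runs over a few constructed dnsmasq- and squid-style log lines; the `/cw22/` path in the constructed proxy line only makes the sample look plausible, the matcher keys on the host, not the path.

```python
"""Hunt DNS / proxy logs for the decoy domains extracted from the Formbook sample.

Added example; the log lines in SAMPLE_LOG are constructed, not taken from the report.
"""
from __future__ import annotations

import re
from dataclasses import dataclass

# Config values as extracted by the sandbox (copied from the report above).
FORMBOOK_CONFIG = {
    "family": "formbook",
    "version": "4.1",
    "campaign": "cw22",
    "decoy": [
        "betvoy206.com", "nftstoners.com", "tirupatibuilder.com", "gulldesigns.com",
        "shemhq.com", "boricosmetic.com", "bitcoinbillionaireboy.com",
        "theflypaperplanes.com", "retrocartours.com", "yangzhie326.com",
        "cheepchain.com", "sentryr.com", "luckirentalhomes.com", "pointssquashers.com",
        "dianasarabiantreasures.com", "calendarsilo.com", "sublike21.xyz",
        "gajubg0up.xyz", "lousfoodreviews.com", "fades.site",
    ],
}


@dataclass
class Hit:
    line_no: int          # 1-based index into the log
    host: str             # normalised host seen in the log
    matched_domain: str   # decoy-list entry it matched
    raw: str              # original log line, for the analyst


def normalize_host(host: str) -> str:
    """Lower-case, drop a trailing :port and a trailing dot ('WWW.Fades.SITE.:443' -> 'www.fades.site')."""
    h = host.strip().lower()
    h = re.sub(r":\d+$", "", h)
    return h.rstrip(".")


def matches_decoy(host: str, decoys: list[str]) -> str | None:
    """Return the decoy domain that host equals or is a subdomain of, else None.

    Uses a label boundary ('.' + domain) so 'notbetvoy206.com' does not match 'betvoy206.com'.
    """
    h = normalize_host(host)
    for d in decoys:
        d = d.lower()
        if h == d or h.endswith("." + d):
            return d
    return None


# Two common log shapes (both constructed for this example):
#   dnsmasq:  "... query[A] www.betvoy206.com from 10.0.0.5"
#   squid:    "<ts> <ms> <client> TCP_MISS/200 <bytes> GET http://host/path ..."
QUERY_RE = re.compile(r"query\[(?:A|AAAA|CNAME)\]\s+(\S+)\s+from\s+\S+")
URL_RE = re.compile(r"https?://([^/\s]+)")


def extract_host(line: str) -> str | None:
    """Pull the queried or requested host out of a log line, or None if the line has neither."""
    m = QUERY_RE.search(line) or URL_RE.search(line)
    return m.group(1) if m else None


def hunt(lines: list[str], decoys: list[str]) -> list[Hit]:
    """Return one Hit per log line whose host is in (or under) the decoy list."""
    hits: list[Hit] = []
    for i, line in enumerate(lines, 1):
        host = extract_host(line)
        if host is None:
            continue
        d = matches_decoy(host, decoys)
        if d is not None:
            hits.append(Hit(i, normalize_host(host), d, line))
    return hits


# Constructed sample log: lines 1, 4 and 5 should hit; line 3 is a look-alike that must not.
SAMPLE_LOG = [
    "Jan 31 12:00:01 dnsmasq[1234]: query[A] www.betvoy206.com from 10.0.0.5",
    "Jan 31 12:00:02 dnsmasq[1234]: query[A] updates.example.org from 10.0.0.5",
    "Jan 31 12:00:03 dnsmasq[1234]: query[A] notbetvoy206.com from 10.0.0.6",
    "1643630404.123     52 10.0.0.5 TCP_MISS/200 512 GET http://www.nftstoners.com/cw22/?jt=abcd - HIER_DIRECT/203.0.113.10 text/html",
    "1643630405.456     51 10.0.0.7 TCP_MISS/200 512 GET http://GAJUBG0UP.XYZ:8080/cw22/?x=1 - HIER_DIRECT/203.0.113.11 text/html",
]

if __name__ == "__main__":
    for h in hunt(SAMPLE_LOG, FORMBOOK_CONFIG["decoy"]):
        print(f"line {h.line_no}: {h.host} matched decoy {h.matched_domain}")
```

Feed real logs in as a list of lines and review every hit: because the decoys are mostly legitimate sites, a single match is weak evidence on its own, but a client that resolves several of these domains in a short window is the pattern a Formbook beacon produces.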

Targets

    • Target

      d0eabfe28f6b77c25d883ad3e380620f1367082cc58f309e4d24dd1d2c3548c8

    • Formbook

      Formbook is an information-stealing malware family: it harvests credentials, keystrokes and web-form data from the infected host and exfiltrates them to its command-and-control server.

    • Formbook Payload

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks